CN110022248A - Link flow statistical method and system, traffic statistics host and statistics request end - Google Patents

Link flow statistical method and system, traffic statistics host and statistics request end

Info

Publication number
CN110022248A
Authority
CN
China
Prior art keywords
link
information
linked list
traffic
flow
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910317093.3A
Other languages
Chinese (zh)
Inventor
邵士雨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Inspur Cloud Information Technology Co Ltd
Original Assignee
Shandong Inspur Cloud Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Inspur Cloud Information Technology Co Ltd
Priority to CN201910317093.3A
Publication of CN110022248A
Legal status: Pending

Abstract

The present invention provides a link traffic statistics method and system, a traffic statistics host, and a statistics request end. The link traffic statistics method, when applied to the traffic statistics host, comprises: acquiring at least one traffic data packet sent by an external network device; receiving a link statistics request sent by the statistics request end; generating, according to the period information carried in the link statistics request, a link statistics information linked list corresponding to the at least one traffic data packet; and sending the link statistics information linked list to the statistics request end. The scheme can improve the accuracy of traffic statistics, makes system deployment more flexible, and reduces the performance requirement on the traffic statistics host.

Description

Link flow statistical method and system, flow statistical host and statistical request terminal
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a link traffic statistical method and system, a traffic statistical host, and a statistical request end.
Background
A network system is usually composed of many hosts, and communication between the hosts often affects the performance of the entire network system. Collecting traffic statistics for network links helps to detect traffic anomalies promptly and to locate their causes, so link traffic statistics are very important for maintaining the stability of a network system.
In the prior art, sFlow technology is generally adopted to monitor the forwarding status of switches or routers in a network system, so as to implement traffic statistics of network links. When the sFlow technology is used for flow statistics, a large number of messages in a fixed time interval are collected, a certain number of messages are randomly selected from the large number of messages, and then flow statistics is performed according to the selected messages.
In the above process, the traffic statistic result is obtained according to statistics of a part of messages randomly selected from a large number of messages, so the traffic statistic result has certain randomness, and the traffic statistic result is not accurate enough.
Disclosure of Invention
The embodiment of the invention provides a link flow statistical method and system, a flow statistical host and a statistical request end, which can improve the accuracy of flow statistics.
In a first aspect, an embodiment of the present invention provides a link traffic statistic method, applied to a traffic statistic host, including:
acquiring at least one flow data packet sent by external network equipment;
receiving a link statistics request sent by a statistics request end;
generating a link statistical information linked list corresponding to the at least one traffic data packet according to the period information carried in the link statistical request;
and sending the link statistical information linked list to the statistical request terminal.
Preferably,
after the obtaining of the at least one traffic data packet sent by the external network device, the method further includes:
analyzing the at least one flow data packet, and determining attribute information of each flow data packet; wherein the attribute information indicates a timestamp of the traffic data packet and any one or more of: a first source IP, a first source port, a first destination IP, a first destination port, a size of the traffic packet, a type of the traffic packet, identification information of the network device that sent the traffic packet, and a port of the network device that sent the traffic packet;
generating a message linked list corresponding to the at least one flow data packet according to the attribute information; first link information in the message linked list corresponds to the traffic data packets one to one, and the first link information comprises attribute information of the corresponding traffic data packets;
then, the generating a link statistics information linked list corresponding to the at least one traffic data packet according to the period information carried in the link statistics request includes:
and generating the link statistical information linked list according to the cycle information and the message linked list.
Preferably,
generating the link statistical information linked list according to the cycle information and the message linked list, including:
selecting one first link information from the message linked list as current link information, and executing A1;
A1: determining whether the timestamp matches the period information according to the timestamp indicated by the current attribute information included in the current link information, and if so, performing A2;
A2: determining whether second link information corresponding to the current link information exists in the link statistical information linked list; if so, perform A3 or A4, otherwise perform A5; wherein the traffic direction indicated by the second link information is the same as or opposite to the traffic direction indicated by the current link information;
A3: when the flow direction indicated by the second link information is the same as the flow direction indicated by the current link information, superimposing the size of the flow data packet indicated by the current attribute information on the outflow flow indicated by the second link information, and incrementing the outflow packet number indicated by the second link information;
A4: when the flow direction indicated by the second link information is opposite to the flow direction indicated by the current link information, superimposing the size of the flow data packet indicated by the current attribute information on the inflow flow indicated by the second link information, and incrementing the number of the inflow packets indicated by the second link information;
A5: establishing third link information corresponding to the current attribute information in the link statistical information linked list, and setting the number of outflow packets of the third link information to be 1, wherein the outflow flow indicated by the third link information is the size of the flow data packet indicated by the current attribute information; wherein, the traffic direction indicated by the third link information is the same as the traffic direction indicated by the current link information;
A6: selecting the first unselected link information from the message linked list as the current link information, and executing A1.
Preferably,
the method further comprises the following steps:
and deleting the selected first link information in the message linked list.
In a second aspect, an embodiment of the present invention provides a link traffic statistic method, applied to a statistic request end, including:
sending a link counting request to a flow counting host according to preset period information;
receiving a link statistical information linked list returned by the flow statistical host according to the link statistical request;
and storing the link statistical information linked list.
In a third aspect, an embodiment of the present invention provides a traffic statistic host, including: a data packet acquisition module, a request receiving module and a link counting module; wherein,
the data packet obtaining module is used for obtaining at least one flow data packet sent by external network equipment;
the request receiving module is used for receiving a link statistics request sent by a statistics request end;
and the link counting module is used for generating a link counting information linked list corresponding to the at least one flow data packet according to the period information carried in the link counting request and sending the link counting information linked list to the counting request end.
Preferably,
further comprising: a linked list generation module; wherein,
the linked list generating module is used for analyzing the at least one flow data packet and determining the attribute information of each flow data packet; generating a message linked list corresponding to the at least one flow data packet according to the attribute information; first link information in the message linked list corresponds to the traffic data packets one to one, and the first link information comprises attribute information of the corresponding traffic data packets; the attribute information indicates a timestamp of the traffic data packet and any one or more of: a first source IP, a first source port, a first destination IP, a first destination port, a size of the traffic packet, a type of the traffic packet, identification information of the network device that sent the traffic packet, and a port of the network device that sent the traffic packet;
and the link statistical module is used for generating the link statistical information linked list according to the cycle information and the message linked list.
Preferably,
the link counting module is used for selecting one piece of first link information from the message linked list as current link information and executing A1;
A1: determining whether the timestamp matches the period information according to the timestamp indicated by the current attribute information included in the current link information, and if so, performing A2;
A2: determining whether second link information corresponding to the current link information exists in the link statistical information linked list; if so, perform A3 or A4, otherwise perform A5; wherein the traffic direction indicated by the second link information is the same as or opposite to the traffic direction indicated by the current link information;
A3: when the flow direction indicated by the second link information is the same as the flow direction indicated by the current link information, superimposing the size of the flow data packet indicated by the current attribute information on the outflow flow indicated by the second link information, and incrementing the outflow packet number indicated by the second link information;
A4: when the flow direction indicated by the second link information is opposite to the flow direction indicated by the current link information, superimposing the size of the flow data packet indicated by the current attribute information on the inflow flow indicated by the second link information, and incrementing the number of the inflow packets indicated by the second link information;
A5: establishing third link information corresponding to the current attribute information in the link statistical information linked list, and setting the number of outflow packets of the third link information to be 1, wherein the outflow flow indicated by the third link information is the size of the flow data packet indicated by the current attribute information; wherein, the traffic direction indicated by the third link information is the same as the traffic direction indicated by the current link information;
A6: selecting the first unselected link information from the message linked list as the current link information, and executing A1.
In a fourth aspect, an embodiment of the present invention provides a statistics request end, including: a request sending module, a receiving module and a storage module; wherein,
the request sending module is used for sending a link statistics request to the flow statistics host according to preset period information;
the receiving module is used for receiving a link statistical information linked list returned by the flow statistical host according to the link statistical request;
and the storage module is used for storing the link statistical information linked list.
In a fifth aspect, an embodiment of the present invention provides a link traffic statistic system, including: any one of the traffic statistic host and any one of the statistic request terminals.
The embodiments of the invention provide a link traffic statistics method and system, a traffic statistics host and a statistics request end. After a plurality of traffic data packets sent by network equipment are received, a link statistics information linked list corresponding to all the traffic data packets is constructed according to the period information carried in a link statistics request sent by the statistics request end, and the linked list is returned to the statistics request end. The traffic statistics result (namely the link statistics information linked list) is therefore obtained from statistics over all the traffic data packets, which effectively improves the accuracy of traffic statistics compared with the random selection of traffic data packets in the prior art. In addition, the period information for traffic statistics is set by the statistics request end, so traffic statistics is separated from the period information. Compared with the prior art, which collects a large number of messages in a fixed time interval and thereby binds traffic statistics and period information together, the system is more flexible to deploy and the performance requirement on the traffic statistics host is reduced.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a flowchart of a link traffic statistical method according to an embodiment of the present invention;
fig. 2 is a flowchart of a link traffic statistical method according to another embodiment of the present invention;
fig. 3 is a schematic structural diagram of a traffic statistic host according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a traffic statistic host according to another embodiment of the present invention;
fig. 5 is a schematic structural diagram of a statistics requester according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a link traffic statistic system according to an embodiment of the present invention;
fig. 7 is a flowchart of a method for performing link traffic statistics by using a link traffic statistics system according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer and more complete, the technical solutions in the embodiments of the present invention will be described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention, and based on the embodiments of the present invention, all other embodiments obtained by a person of ordinary skill in the art without creative efforts belong to the scope of the present invention.
As shown in fig. 1, an embodiment of the present invention provides a link traffic statistic method, which is applied to a traffic statistic host, and the method may include the following steps:
step 101: acquiring at least one flow data packet sent by external network equipment;
step 102: receiving a link statistics request sent by a statistics request end;
step 103: generating a link statistical information linked list corresponding to the at least one traffic data packet according to the period information carried in the link statistical request;
step 104: and sending the link statistical information linked list to the statistical request terminal.
In the above embodiment, after receiving a plurality of traffic data packets sent by the network device, the traffic statistics host generates a link statistics information linked list corresponding to all the traffic data packets according to the period information carried in the link statistics request sent by the statistics request end, and returns the linked list to the statistics request end. The traffic statistics result (namely the link statistics information linked list) is therefore obtained from statistics over all the traffic data packets, which effectively improves the accuracy of traffic statistics compared with the random selection of traffic data packets in the prior art. In addition, the period information for traffic statistics is set by the statistics request end, so traffic statistics is separated from the period information. Compared with the prior art, which collects a large number of messages in a fixed time interval and thereby binds traffic statistics and period information together, the system is more flexible to deploy and the performance requirement on the traffic statistics host is reduced.
Before the method is implemented, the network device, the traffic statistics host and the statistics request end can be configured and deployed in advance. For example, a flowmanger process may be run on the collection host; the flowmanger process is responsible for receiving and parsing traffic data packets (i.e., sflow packets) and for computing network link traffic statistics after it receives a link statistics request (flowreq request) sent by a statistics request end. To configure the traffic statistics host, a flowmanger configuration file is edited on the host on which flowmanger runs (the traffic statistics host). The configuration file includes the port on which sflow messages are listened for, the IP of the statistics request end (flowreq host), and the port on which link statistics requests (flowreq requests) are received. After configuration is completed, the flowmanger process is started, so that the link traffic statistics method shown in fig. 1 can be executed.
The network device may be a switch or a router, among others. Taking the switch as an example, the sFlow collection host and the message sampling rate of the switch may be set in advance. Specifically, the message sampling rate of the switch may be set to 100%; it may of course also be set to other values, for example, 75% or 80%. In the embodiment of the invention, in order to improve the accuracy of traffic statistics, the message sampling rate of the switch is set to 100%. In addition, the address of the collection host corresponding to the switch is set to the host running flowmanager, so that the switch sends the collected sflow messages to the traffic statistics host.
In addition, a shell script can be written on the statistics request end (flowreq host). The script calls a flowreq process whose parameters include the flowmanger host IP, a port and a timestamp, so that the flowreq host (statistics request end) can send a link statistics request to the flowmanger host (traffic statistics host) and acquire a link statistics information linked list.
In an embodiment of the present invention, after step 101, the method may further include:
analyzing the at least one flow data packet, and determining attribute information of each flow data packet; wherein the attribute information indicates a timestamp of the traffic data packet and any one or more of: a first source IP, a first source port, a first destination IP, a first destination port, a size of the traffic packet, a type of the traffic packet, identification information of the network device that sent the traffic packet, and a port of the network device that sent the traffic packet;
generating a message linked list corresponding to the at least one flow data packet according to the attribute information; first link information in the message linked list corresponds to the traffic data packets one to one, and the first link information comprises attribute information of the corresponding traffic data packets;
specific embodiments of step 103 may include:
and generating the link statistical information linked list according to the cycle information and the message linked list.
After the traffic statistics host receives the traffic data packets sent by the switch, it can parse each traffic data packet and keep its attribute information: the timestamp, the first source IP, the first source port, the first destination IP, the first destination port, the size of the traffic data packet, the type of the traffic data packet (TCP or UDP), the identification information of the network device that sent the traffic data packet, and the port of the network device that sent the traffic data packet. The attribute information of each traffic data packet is then stored in the message linked list, so that the first link information in the message linked list corresponds one to one to the traffic data packets. Each first link information corresponds to an objectid, which identifies the first link information so that it can be looked up later, when the link statistics information linked list is generated from the message linked list. For example, the format of the objectid is: type of the traffic data packet-first source IP:first source port-first destination IP:first destination port.
In addition, in order to further facilitate searching the first link information in the process of generating the link statistics information linked list, each first link information in the message linked list is arranged according to the time stamp sequence thereof, for example, the flow data packets from the tail to the head in the message linked list are stored according to the time increasing sequence thereof. Therefore, when the link statistical information linked list is generated, the inflow flow, the inflow packet number, the outflow flow, the outflow packet number and the like can be counted according to each first link information in the message linked list, so that the generation efficiency of the link statistical information linked list is improved, and the accuracy of flow statistics is improved.
In an embodiment of the present invention, the generating the link statistics information linked list according to the period information and the packet linked list includes:
selecting one first link information from the message linked list as current link information, and executing A1;
A1: determining whether the timestamp matches the period information according to the timestamp indicated by the current attribute information included in the current link information, and if so, performing A2;
A2: determining whether second link information corresponding to the current link information exists in the link statistical information linked list; if so, perform A3 or A4, otherwise perform A5; wherein the traffic direction indicated by the second link information is the same as or opposite to the traffic direction indicated by the current link information;
A3: when the flow direction indicated by the second link information is the same as the flow direction indicated by the current link information, superimposing the size of the flow data packet indicated by the current attribute information on the outflow flow indicated by the second link information, and incrementing the outflow packet number indicated by the second link information;
A4: when the flow direction indicated by the second link information is opposite to the flow direction indicated by the current link information, superimposing the size of the flow data packet indicated by the current attribute information on the inflow flow indicated by the second link information, and incrementing the number of the inflow packets indicated by the second link information;
A5: establishing third link information corresponding to the current attribute information in the link statistical information linked list, and setting the number of outflow packets of the third link information to be 1, wherein the outflow flow indicated by the third link information is the size of the flow data packet indicated by the current attribute information; wherein, the traffic direction indicated by the third link information is the same as the traffic direction indicated by the current link information;
A6: selecting the first unselected link information from the message linked list as the current link information, and executing A1.
For example, the message linked list generated from the traffic data packets is shown in Table 1:
TABLE 1
The following describes the generation process of the link statistics linked list in detail by taking table 1 as an example. When the link statistics information linked list is generated, first link information 1 is selected from table 1 as current link information, and if the period information carried in the link statistics request is 00:00-05:00, it can be determined that the timestamp of the first link information 1 falls in the range indicated by the period information, and thus it is determined that the timestamp of the first link information 1 matches with the period information. It can be understood that, based on the same determination method, it can be determined that all the 4 pieces of first link information in table 1 are matched with the period information, and details about matching of other first link information are not described herein.
At this time, no link information exists in the link statistics information linked list, so no second link information corresponding to the first link information 1 exists. Third link information 1 is therefore constructed in the link statistics information linked list according to the attribute information of the first link information 1. The number of outflow packets of the third link information 1 is set to 1, and its outflow traffic is 100k, the size of the traffic data packet of the first link information 1. The constructed third link information 1 has the same traffic direction as the first link information 1, that is, the third source IP, third source port, third destination IP and third destination port indicated by the third link information are respectively the same as the first source IP, first source port, first destination IP and first destination port indicated by the first link information 1.
After the third link information 1 is constructed in the link statistics information linked list, the first link information 2 is taken as the current link information. At this time, only the third link information 1 exists in the link statistics information linked list. The third source IP, third source port, third destination IP and third destination port indicated by the third link information 1 are different from the first source IP, first source port, first destination IP and first destination port indicated by the first link information 2; the third source IP and third source port indicated by the third link information 1 are different from the first destination IP and first destination port indicated by the first link information 2; and the third destination IP and third destination port indicated by the third link information 1 are different from the first source IP and first source port indicated by the first link information 2. That is, the traffic direction of the existing third link information 1 is neither the same as nor opposite to the traffic direction indicated by the first link information 2, so the third link information 1 is not the second link information corresponding to the first link information 2. Third link information 2 is therefore constructed in the link statistics information linked list according to the attribute information of the first link information 2. The number of outflow packets of the third link information 2 is set to 1, and its outflow traffic is 50k, the size of the traffic data packet of the first link information 2. The constructed third link information 2 has the same traffic direction as the first link information 2, that is, the third source IP, third source port, third destination IP and third destination port indicated by the third link information are respectively the same as the first source IP, first source port, first destination IP and first destination port indicated by the first link information 1. The link statistics information linked list at this time can be as shown in Table 2:
TABLE 2
Then, the first link information 3 is taken as the current link information. At this time, the third source IP, third source port, third destination IP and third destination port indicated by the third link information 1 in the link statistics information linked list are the same as the first source IP, first source port, first destination IP and first destination port indicated by the first link information 3. That is, the traffic direction of the third link information 1 is the same as that of the first link information 3, so the third link information 1 is the second link information corresponding to the first link information 3. The traffic data packet size of the first link information 3 is therefore added to the outflow traffic indicated by the third link information 1, and the number of outflow packets of the third link information 1 is incremented to 2. The updated link statistics information linked list is shown in Table 3:
TABLE 3
Finally, the first link information 4 is taken as the current link information. At this time, the third source IP and third source port indicated by the third link information 1 in the link statistics information linked list are respectively the same as the first destination IP and first destination port of the first link information 4, and the third destination IP and third destination port indicated by the third link information 1 are respectively the same as the first source IP and first source port of the first link information 4. That is, the traffic direction of the third link information 1 is opposite to that of the first link information 4, so the third link information 1 is the second link information corresponding to the first link information 3. The traffic data packet size of the first link information 3 is therefore added to the inflow traffic indicated by the third link information 1, and the number of inflow packets of the third link information 1 is incremented to 1. The link statistics information linked list at this time is shown in Table 4. Since the first link information 4 is the last first link information in the message linked list, the link statistics information linked list generated according to the period information and the message linked list is as shown in Table 4. The link statistics information linked list may then be sent to flowreq in a format agreed upon with flowreq (e.g., json format). The flowmanager then continues to wait for flowreq to send the next request, namely, a link statistics request carrying the information of the next period.
TABLE 4
In an embodiment of the present invention, to further improve the generation efficiency of the link statistics information linked list, the link traffic statistics method may further include: deleting the selected first link information from the message linked list. This prevents first link information that has already been selected from being compared again while the message linked list is traversed, that is, while the link statistics information linked list is generated from the message linked list, and so improves generation efficiency. The first link information corresponding to each period can be deleted once it has been selected, so that when the link statistics information linked list is generated according to the period information, only the first link information corresponding to that period exists in the message linked list. For example, after the first link information matching the period information 00:00 to 05:00 (e.g., the first link information 1 to the first link information 4 shown in Table 1) is selected, the first link information 1 to the first link information 4 are deleted. When the link statistics information linked list is later generated for the period information 05:00 to 10:00, the first link information 1 to the first link information 4 no longer exist in the message linked list, so the first link information matching 05:00 to 10:00 can be selected directly without re-examining them. This further improves the generation efficiency of the link statistics information linked list and also effectively reduces memory pressure.
In addition, the embodiment of the present invention separates traffic statistics from the setting of the period information. On this basis, the embodiment of the present invention further provides a link traffic statistics method applied to a statistics request end. As shown in fig. 2, the method may include:
Step 201: sending a link statistics request to a traffic statistics host according to preset period information;
Step 202: receiving a link statistics information linked list returned by the traffic statistics host according to the link statistics request;
Step 203: storing the link statistics information linked list.
In the above embodiment, the statistics request end is mainly responsible for determining the period information. It then sends the link statistics request, that is, flowreq sends the request to flowmanager, and the link statistics request includes the request timestamp (i.e., the period information). It then waits for flowmanager to respond. After flowreq receives the flowmanager response, that is, the link statistics information linked list, it parses the response according to the agreed format and writes the link traffic data into a table or a file, that is, it stores the link statistics information linked list. The period information of the traffic statistics is therefore set by the statistics request end, so the traffic statistics are separated from the period information. Compared with the prior art, which collects a large number of messages in a fixed time interval and thereby binds the traffic statistics to the period information, the system is more flexible to deploy and the performance requirement on the traffic statistics host is reduced.
As shown in fig. 3 and 4, an embodiment of the present invention provides a traffic statistic host. The device embodiments may be implemented by software, or by hardware, or by a combination of hardware and software. From a hardware aspect, as shown in fig. 3, a hardware structure diagram of a device where a traffic statistic host is located according to an embodiment of the present invention is provided, where the device in the embodiment may generally include other hardware, such as a forwarding chip responsible for processing a packet, in addition to the processor, the memory, the network interface, and the nonvolatile memory shown in fig. 3. Taking a software implementation as an example, as shown in fig. 4, as a logical apparatus, the apparatus is formed by reading a corresponding computer program instruction in a non-volatile memory into a memory by a CPU of a device in which the apparatus is located and running the computer program instruction. The traffic statistic host provided in this embodiment includes: a data packet obtaining module 401, a request receiving module 402 and a link statistics module 403; wherein,
the data packet obtaining module 401 is configured to obtain at least one traffic data packet sent by an external network device;
the request receiving module 402 is configured to receive a link statistics request sent by a statistics request end;
the link statistics module 403 is configured to generate a link statistics linked list corresponding to the at least one traffic data packet according to the period information carried in the link statistics request, and send the link statistics linked list to the statistics request end.
In an embodiment of the present invention, the traffic statistic host may further include: a linked list generation module; wherein,
the linked list generating module is used for analyzing the at least one flow data packet and determining the attribute information of each flow data packet; generating a message linked list corresponding to the at least one flow data packet according to the attribute information; first link information in the message linked list corresponds to the traffic data packets one to one, and the first link information comprises attribute information of the corresponding traffic data packets; the attribute information indicates a timestamp of the traffic data packet and any one or more of: a first source IP, a first source port, a first destination IP, a first destination port, a size of the traffic packet, a type of the traffic packet, identification information of the network device that sent the traffic packet, and a port of the network device that sent the traffic packet;
the link statistics module 403 is configured to generate the link statistics information linked list according to the period information and the packet linked list.
In an embodiment of the present invention, the link statistics module 403 is configured to select one first link information from the message linked list as the current link information, and execute A1;
A1: determining whether the timestamp matches the period information according to the timestamp indicated by the current attribute information included in the current link information, and if so, performing A2;
A2: determining whether second link information corresponding to the current link information exists in the link statistics information linked list; if so, performing A3 or A4, otherwise performing A5; wherein the traffic direction indicated by the second link information is the same as or opposite to the traffic direction indicated by the current link information;
A3: when the traffic direction indicated by the second link information is the same as the traffic direction indicated by the current link information, adding the size of the traffic data packet indicated by the current attribute information to the outflow traffic indicated by the second link information, and incrementing the outflow packet count indicated by the second link information;
A4: when the traffic direction indicated by the second link information is opposite to the traffic direction indicated by the current link information, adding the size of the traffic data packet indicated by the current attribute information to the inflow traffic indicated by the second link information, and incrementing the inflow packet count indicated by the second link information;
A5: establishing third link information corresponding to the current attribute information in the link statistics information linked list, and setting the outflow packet count of the third link information to 1, wherein the outflow traffic indicated by the third link information is the size of the traffic data packet indicated by the current attribute information, and the traffic direction indicated by the third link information is the same as the traffic direction indicated by the current link information;
A6: selecting first link information that has not yet been selected from the message linked list as the current link information, and executing A1.
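Steps A1 to A6, together with the deletion of selected entries described earlier, as an added Python example (not code from the patent or from flowmanager). It assumes a half-open period [start, end) in seconds and uses a dict keyed by the 4-tuple in place of traversing a linked list; the `Packet` and `LinkStat` names, their fields, and the sample packets are constructed for illustration.

```python
import json
from dataclasses import dataclass, asdict


@dataclass
class Packet:
    """One 'first link information' entry in the message linked list."""
    ts: int          # capture timestamp in seconds (constructed unit)
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    size: int        # packet size in bytes


@dataclass
class LinkStat:
    """One entry in the link statistics information linked list."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    out_bytes: int = 0
    out_pkts: int = 0
    in_bytes: int = 0
    in_pkts: int = 0


def aggregate(message_list, start, end):
    """Build per-link statistics for packets with start <= ts < end.

    Matching packets are removed from message_list in place, so the next
    period never re-examines them.
    """
    stats = {}       # 4-tuple of the first packet seen on a link -> LinkStat
    remaining = []
    for p in message_list:                      # A6: walk every entry once
        if not (start <= p.ts < end):           # A1: timestamp vs. period
            remaining.append(p)
            continue
        fwd = (p.src_ip, p.src_port, p.dst_ip, p.dst_port)
        rev = (p.dst_ip, p.dst_port, p.src_ip, p.src_port)
        if fwd in stats:                        # A2 -> A3: same direction
            stats[fwd].out_bytes += p.size
            stats[fwd].out_pkts += 1
        elif rev in stats:                      # A2 -> A4: opposite direction
            stats[rev].in_bytes += p.size
            stats[rev].in_pkts += 1
        else:                                   # A5: first packet of a new link
            stats[fwd] = LinkStat(*fwd, out_bytes=p.size, out_pkts=1)
    message_list[:] = remaining
    return list(stats.values())


def to_json(link_stats):
    """Serialize the statistics as JSON, the example format the text names."""
    return json.dumps([asdict(s) for s in link_stats])


def sample_packets():
    """Constructed sample: two links in the first period, one packet in the next."""
    return [
        Packet(10, "10.0.0.1", 5000, "10.0.0.2", 80, 100),
        Packet(70, "10.0.0.3", 6000, "10.0.0.2", 443, 200),
        Packet(130, "10.0.0.1", 5000, "10.0.0.2", 80, 150),
        Packet(200, "10.0.0.2", 80, "10.0.0.1", 5000, 400),
        Packet(320, "10.0.0.1", 5000, "10.0.0.2", 80, 60),
    ]


if __name__ == "__main__":
    msgs = sample_packets()
    print(to_json(aggregate(msgs, 0, 300)))     # first period
    print(to_json(aggregate(msgs, 300, 600)))   # second period
```

The direction recorded for a link is that of the first packet seen in the period, so the same connection can appear with source and destination swapped in a later period if the reply packet happens to arrive first.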
As shown in fig. 5, an embodiment of the present invention further provides a statistics request end, including: a request sending module 501, a receiving module 502 and a storage module 503; wherein,
the request sending module 501 is configured to send a link statistics request to the traffic statistics host according to preset period information;
the receiving module 502 is configured to receive a link statistics information linked list returned by the traffic statistics host according to the link statistics request;
the storage module 503 is configured to store the link statistics information linked list.
Because the information interaction, execution process, and other contents between the units in the device are based on the same concept as the method embodiment of the present invention, specific contents may refer to the description in the method embodiment of the present invention, and are not described herein again.
As shown in fig. 6, an embodiment of the present invention further provides a link traffic statistic system, including: the traffic statistic host 601 and the statistic requester 602.
Taking a switch as an example of the network device, the sflow sampling rate of the switch is set to 100% in advance, so that the switch sends the collected traffic data packets to the traffic statistics host. The address of the collection host is then set to the host running flowmanager, and the flowmanager configuration file is edited on that host. The configuration file includes the port on which sflow messages are received, the flowreq host IP, and the port on which flowreq requests are received. After the configuration is complete, the flowmanager process is started. flowreq can run on the same host as flowmanager or on a different host. A shell script that calls the flowreq process is started, and if the statistics time interval (namely, the period information) needs to be modified, only the shell script needs to be modified. On this basis, when the link traffic statistics system is used to perform link traffic statistics, the link traffic statistics method may include the steps shown in fig. 7:
Step 701: the switch sends the collected traffic data packets to the traffic statistics host.
Step 702: the traffic statistics host parses each traffic data packet, determines the attribute information of each traffic data packet, and generates a message linked list of the traffic data packets according to the determined attribute information.
The traffic statistics host is the host running flowmanager.
Step 703: the statistics request end sends a link statistics request to the traffic statistics host.
The statistics request end is the host running flowreq.
Step 704: the traffic statistics host generates a link statistics information linked list according to the period information carried in the link statistics request and the message linked list.
Step 705: the traffic statistics host sends the link statistics information linked list to the statistics request end.
Step 706: the statistics request end stores the link statistics information linked list.
The embodiment of the present invention provides a readable medium, which includes an execution instruction, and when a processor of a storage controller executes the execution instruction, the storage controller executes any one of the link traffic statistical methods provided in the embodiment of the present invention.
An embodiment of the present invention provides a storage controller, including: a processor, a memory, and a bus;
the memory is used for storing an execution instruction, the processor is connected with the memory through the bus, and when the storage controller runs, the processor executes the execution instruction stored in the memory, so that the storage controller executes any link traffic statistics method provided by the embodiment of the invention.
The embodiments of the invention have at least the following beneficial effects:
1. In the embodiment of the invention, after receiving a plurality of traffic data packets sent by the network device, the traffic statistics host generates the link statistics information linked list corresponding to all the traffic data packets according to the period information carried in the link statistics request sent by the statistics request end, and returns the link statistics information linked list to the statistics request end. The traffic statistics result (namely, the link statistics information linked list) is therefore computed over all the traffic data packets, which effectively improves the accuracy of the traffic statistics compared with the random selection of traffic data packets in the prior art.
2. In the embodiment of the invention, the statistical request end is mainly responsible for determining the period information, then sends the link statistical request which contains the period information, and then stores the link statistical information linked list returned by the flow statistical host. Therefore, the period information of the flow statistics is set by the statistics request end, namely the flow statistics is separated from the period information, compared with the prior art that a large number of messages in a fixed time interval are collected, namely the flow statistics and the period information are bound together, the system is more flexible to deploy, and the performance requirement on the flow statistics host is reduced.
3. In the embodiment of the invention, the first link information in the message linked list is arranged according to the time stamp sequence, so that when the link statistical information linked list is generated, the inflow flow, the inflow packet number, the outflow flow, the outflow packet number and the like can be counted according to each first link information in the message linked list, thereby improving the generation efficiency of the link statistical information linked list and improving the accuracy of flow statistics.
4. In the embodiment of the invention, the first link information selected in the message linked list is deleted. Therefore, the situation that the selected first link information is compared again in the process of traversing the message linked list can be avoided, and the generation efficiency of the link statistical information linked list can be improved.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a" does not exclude the presence of other similar elements in a process, method, article, or apparatus that comprises the element.
Those of ordinary skill in the art will understand that: all or part of the steps for realizing the method embodiments can be completed by hardware related to program instructions, the program can be stored in a computer readable storage medium, and the program executes the steps comprising the method embodiments when executed; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
Finally, it is to be noted that: the above description is only a preferred embodiment of the present invention, and is only used to illustrate the technical solutions of the present invention, and not to limit the protection scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.

Priority Applications (1)

Application number: CN201910317093.3A; priority date: 2019-04-19; filing date: 2019-04-19; title: Link flow statistical method and system, traffic statistics host and statistics request end; status: Pending; publication: CN110022248A (en)

Publications (1)

Publication number: CN110022248A (en); publication date: 2019-07-16

Family

ID=67191885


Legal Events

PB01: Publication
SE01: Entry into force of request for substantive examination
RJ01: Rejection of invention patent application after publication (application publication date: 20190716)
